Skip to content
This repository has been archived by the owner on Aug 14, 2019. It is now read-only.

Expose private site properties to authenticated users only #5

Open
frankiejarrett opened this issue Feb 1, 2016 · 2 comments
Open

Comments

@frankiejarrett
Copy link
Contributor

Unlike published content, options can be security-sensitive and should not be exposed to everyone.

So while we were combing through options recently, we discussed each one and determined whether or not we felt it should be public or private.

@danielbachhuber
Copy link
Member

Generally, a good rule of thumb as to whether an option should be public or private is whether it's already publicly exposed (e.g. indirect UI, body class added, etc.). If it's not exposed as a variable on the frontend, then it should remain private.

@frankiejarrett
Copy link
Contributor Author

@danielbachhuber 👍 good rule

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants